In what appears to be the third incident in the past week involving patient data and a third-party breach, personal information of more than 14,000 Moses Cone Health System patients was on a laptop stolen from VHA in Georgia. According to VHA’s web site, they serve 1,400 not-for-profit hospitals and more than 21,000 non-acute care health care organizations nationwide.
According to a press release issued by the hospital, the stolen computer contained information about cardiology and orthopedic patients treated at Moses Cone Memorial Hospital or Wesley Long Community Hospital between February 2004 and February 2009. The computer was not encrypted and in some cases, social security numbers were included in the patients’ files. No details were provided as to the details of the theft.
Within the past week, 100,000 patients of Peninsula Orthopaedic Associates in Maryland and patients of Lakeland Radiologists in Mississippi also learned that their sensitive information had been stolen. Not one incident report indicated that the patient data had been encrypted at the time of theft.